using System;
using System.Text;
using System.Web;
using System.Web.UI;
using System.Configuration;
using System.Security.Cryptography;

/* OWED */
using OWED.Document;
using OWED.Network;
using OWED.Network.Messages;
using OWED.Network.Messages.General;
using OWED.Network.Messages.Reply;

/// <summary>
/// Login class
/// </summary>
public partial class LoginASPX : System.Web.UI.Page {

	/// <summary>
	/// Login submit button
	/// </summary>
	protected System.Web.UI.WebControls.Button LoginSubmit;

	/// <summary>
	/// username text field
	/// </summary>
	protected System.Web.UI.HtmlControls.HtmlInputText username;

	/// <summary>
	/// password text field
	/// </summary>
	protected System.Web.UI.HtmlControls.HtmlInputText password;

	/// <summary>
	/// login error message
	/// </summary>
	protected System.Web.UI.WebControls.Label LoginMessage;

	/// <summary>
	/// clesring for pedia
	/// </summary>
	protected System.Web.UI.WebControls.Label LoginMessageClear;

	/// <summary>
	/// is Logged in, to check if a user is logged in
	/// </summary>
	protected System.Web.UI.WebControls.Literal isLoggedIn;

	private void Page_Load(object sender, System.EventArgs e)
	{
		// set the message == visible
		LoginMessage.Visible = false;
	}

	/// <summary>
	/// On Init
	/// </summary>
	/// <param name="e"></param>
	override protected void OnInit(EventArgs e)
	{
		InitializeComponent();
		base.OnInit(e);
	}

	/// <summary>
	/// Designer stuff
	/// </summary>
	private void InitializeComponent()
	{
		this.LoginSubmit.Click += new System.EventHandler(this.Login_Click);
		this.Load += new System.EventHandler(this.Page_Load);
	}

	/// <summary>
	/// The heart of the program, when a user clicks the login button
	/// </summary>
	/// <param name="sender"></param>
	/// <param name="e"></param>
	private void Login_Click(object sender, System.EventArgs e)
	{
		int code;
		Connection conn;
		MD5CryptoServiceProvider hash;
		String md5hashHex, RC4Hex;

		username.Value = Server.HtmlEncode(username.Value); // sanitize
		password.Value = Server.HtmlEncode(password.Value);

		conn = null;
		code = WebLogin.C(out conn, username.Value, password.Value);
		
		// Technical difficulties
		if (code == -1) {
			LoginMessage.Visible = true;
			LoginMessage.Text = "<h2>Login error:</h2>We are currently experiencing technical difficulties.";
			return;
		}

		// More technical difficults
		if (code == -2) {
			LoginMessage.Visible = true;
			LoginMessage.Text = "<h2>Login error:</h2>We are currently experiencing technical difficulties.";
			return;
		}

		// username and password is incorrect
		if (code == 0) {
			LoginMessage.Visible = true;
			LoginMessage.Text = "<h2>Login error:</h2>You have not specified a correct username/password combination";
			return;
		}

		// MD5 hash
		hash = new MD5CryptoServiceProvider();

		// Get Hex code of the MD5 bytes
		md5hashHex = RC4.bin2hex(Encoding.GetEncoding(1252).GetString(
					hash.ComputeHash
					(
						Encoding.GetEncoding(1252).GetBytes
						(
							username.Value +
							ConfigurationManager.AppSettings["secret"]
						)
					)
				)); // read web.config file, and ask the secret key

		// get rc4 output
		RC4Hex = RC4.Encrypt(ConfigurationManager.AppSettings["secret"], password.Value, false);
		
		// set cookie to the browser
		Response.Cookies["owed"].Value = username.Value + ":" + md5hashHex + ":" + RC4.bin2hex(RC4Hex);

		// keep the user logged in for 4 hours
		Response.Cookies["owed"].Expires = DateTime.Now.AddHours(4.0);

		// redirect
		Response.Redirect("ViewDocumentList.aspx");
	}
}
